* Back Daniel <di0bada at chl.chalmers.se> [01/01/70 - 01:00]:
[...]
> So, W2K doesnt need SMB-packets signatures and we have no problems, but we
> want it to work with Windows 2003. Whats the difference between Windows 2000
> and Windows 2003 when it comes to security signatures of SMB-packets?
By default, a Windows Server 2003 requires signature of SMB packets (at
least, a Windows Server 2003 DC).
> Can we disable signatures in Windows 2003 Server or do we have to make
> some changes in Red Hat/Samba? Is ther another way to get around this
> problem?
Yes, you can look for the following security option
Microsoft network server: Digitally sign commnunications (always) :
and set it to Disabled, instead of Enabled.
This security option modifies the following registry value:
Key: HKLM\SYSTEM\CCS\Service\lanmanserver\parameters\
Value: RequireSecuritySignature
Content: 0 to disable, 1 to enable
If you don't want to reboot after that change, you can stop the srv.sys
driver and services that depend on it using the following command:
C:\>net stop srv
Then, you can restart it, as well as the services that depend on it
(in particular, netlogon)
C:\>net start srv
Jean-Baptiste Marchand
--
Jean-Baptiste.Marchand at hsc.fr
Hervé Schauer Consultants
http://www.hsc.fr/